<?php
require_once('mysql_connect.php');
if ($_SESSION['admin'] == 1){
}else{
	header("Location:login.php");
	exit();
}

$loc ="admin";
if(isset($_POST['id'])){
$getid = $_POST['id'];
}
if(isset($_GET['id'])){
$getid = $_GET['id'];
}


if(isset($_POST['check'])){
	$querymovie = "SELECT * FROM movie WHERE id=" . $_POST['check'];
	$queryresult = mysql_query($querymovie);
	if(mysql_num_rows($queryresult) >0){
		$query = "INSERT INTO checkout(movieid, usersid) VALUES({$_POST['check']}, {$_POST['users']})";
		$result = mysql_query($query) or die(mysql_error());
	}
}


$pullquery = "SELECT * FROM users";
$pullresult = mysql_query($pullquery);
include('top.php');
?>
<TABLE><TR><TD>
<FORM ACTION="checkout.php" method="post">
<BR><FONT FACE="Verdana" size=-1 color=000000>id number: </FONT><INPUT TYPE="text" name="check" id="check" value="<?php echo $getid;?>">
<SELECT name="users" id="users"><?php
while($pullrow = mysql_fetch_array($pullresult)){
?>
<OPTION value="<?php echo $pullrow['id'];?>"><?php echo unescape_data($pullrow['email']);?></OPTION>
<?php
}
?></SELECT>
<INPUT TYPE="submit" name="submit" id="submit" value="check-out">
</FORM>
<BR><HR width="100%">


</TD></TR></TABLE>
<?php
include('bot.php');
?>